diff options
| author | Johannes Schauer Marin Rodrigues <josch@debian.org> | 2022-09-06 07:56:54 +0200 |
|---|---|---|
| committer | Johannes Schauer Marin Rodrigues <josch@debian.org> | 2022-09-06 10:01:45 +0200 |
| commit | 840aa7a9802beba62660243aa767574479366e0e (patch) | |
| tree | e21d3f540a71b50c002a2653e029d8a7fb1a391c | |
| parent | 8f8c08e8a5722515476830e78ab0cbaefa6ed0c3 (diff) | |
| download | shadow-840aa7a9802beba62660243aa767574479366e0e.tar.gz | |
useradd: avoid creating several GB worth of sparse lastlog and faillog files
Closes: #1019245
| -rw-r--r-- | debian/changelog | 6 | ||||
| -rw-r--r-- | debian/patches/301_lastlog_faillog_do_not_reset_non-existent_data | 37 | ||||
| -rw-r--r-- | debian/patches/series | 2 |
3 files changed, 45 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index 607477b3..d0806cc0 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,8 +1,14 @@ shadow (1:4.12.3+dfsg1-1) UNRELEASED; urgency=medium + [ Balint Reczey ] * New upstream release * Refresh patches + [ Johannes Schauer Marin Rodrigues ] + * useradd: cherry-pick patch from upstream to avoid creating several GB worth + of sparse lastlog and faillog files for users with high uid values + (Closes: #1019245) + -- Balint Reczey <balint@balintreczey.hu> Sat, 20 Aug 2022 18:18:43 +0200 shadow (1:4.11.1+dfsg1-2) unstable; urgency=medium diff --git a/debian/patches/301_lastlog_faillog_do_not_reset_non-existent_data b/debian/patches/301_lastlog_faillog_do_not_reset_non-existent_data new file mode 100644 index 00000000..0e20995b --- /dev/null +++ b/debian/patches/301_lastlog_faillog_do_not_reset_non-existent_data @@ -0,0 +1,37 @@ +From ebf9b232b012725d2be5e750876c7336cf1c37fd Mon Sep 17 00:00:00 2001 +From: David Kalnischkies <david@kalnischkies.de> +Date: Wed, 24 Aug 2022 13:21:01 +0200 +Subject: [PATCH] useradd: Do not reset non-existent data in {last,fail}log + +useradd does not create the files if they don't exist, but if they exist +it will reset user data even if the data did not exist before creating +a hole and an explicitly zero'd data point resulting (especially for +high UIDs) in a lot of zeros ending up in containers and tarballs. +--- + src/useradd.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +--- a/src/useradd.c ++++ b/src/useradd.c +@@ -1997,8 +1997,9 @@ static void faillog_reset (uid_t uid) + struct faillog fl; + int fd; + off_t offset_uid = (off_t) (sizeof fl) * uid; ++ struct stat st; + +- if (access (FAILLOG_FILE, F_OK) != 0) { ++ if (stat (FAILLOG_FILE, &st) != 0 || st.st_size <= offset_uid) { + return; + } + +@@ -2034,8 +2035,9 @@ static void lastlog_reset (uid_t uid) + int fd; + off_t offset_uid = (off_t) (sizeof ll) * uid; + uid_t max_uid; ++ struct stat st; + +- if (access (LASTLOG_FILE, F_OK) != 0) { ++ if (stat (LASTLOG_FILE, &st) != 0 || st.st_size <= offset_uid) { + return; + } + diff --git a/debian/patches/series b/debian/patches/series index b25583aa..6ecd3726 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -14,3 +14,5 @@ 463_login_delay_obeys_to_PAM 505_useradd_recommend_adduser 501_commonio_group_shadow + +301_lastlog_faillog_do_not_reset_non-existent_data |